Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/1rfn2fgIGFEGOn3JdFEqOaBOSKo.roa
File: 1rfn2fgIGFEGOn3JdFEqOaBOSKo.roa (raw, json)
Hash identifier: lfIjWTRMslpjP4bJ9WXtG8+3Tmy7OJYTEPpDwsZDPS0=
Subject key identifier: D6:B7:E7:D9:F8:08:18:51:06:3A:7D:C9:74:51:2A:39:A0:4E:48:AA
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 01956A24EDB259DEBEAA3E30511279916211
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/1rfn2fgIGFEGOn3JdFEqOaBOSKo.roa
Signing time: Thu 06 Mar 2025 06:29:19 +0000
ROA not before: Thu 06 Mar 2025 06:29:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210644
IP address blocks: 85.239.144.0/24 maxlen: 24
85.239.151.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 07 Mar 2025 16:13:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:6a:24:ed:b2:59:de:be:aa:3e:30:51:12:79:91:62:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Mar 6 06:29:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d6b7e7d9f8081851063a7dc974512a39a04e48aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:25:5a:f4:a2:ed:53:79:22:bc:82:f4:af:af:
91:22:6e:55:b8:75:cf:66:7d:76:92:5a:bd:e6:3b:
3c:66:ba:a3:66:11:7d:8e:3d:2f:bf:33:f2:c1:68:
03:c5:fa:ff:7a:0b:15:30:d8:fc:86:30:38:d6:53:
9d:16:e1:c2:55:fe:6b:84:d4:f2:fb:96:98:62:31:
30:2c:18:5f:78:57:a5:de:de:38:ca:b7:d3:55:42:
c9:68:f2:de:17:ab:1e:86:cd:ab:27:88:b5:d4:a3:
0e:91:b6:31:db:7b:c7:96:4d:f4:1f:19:1c:ea:5d:
e3:33:79:3b:56:a0:88:d5:33:88:1f:93:ca:19:1b:
07:3c:a0:d6:a1:bb:f3:76:b5:cb:bd:ab:ef:9d:71:
ce:7f:91:4a:b7:83:80:ac:58:03:97:35:4d:50:91:
e1:52:f9:67:3d:34:d8:f9:15:5d:58:03:a8:bb:f0:
99:98:de:59:35:d1:a7:77:1e:32:ee:1c:93:ea:a6:
2b:c1:b7:3f:f1:46:21:30:2e:34:5d:c5:ce:01:88:
fb:58:2f:87:14:07:62:c8:7f:eb:f2:ab:be:cf:a2:
6c:05:c2:4d:26:70:2c:34:b4:66:b0:91:73:41:de:
38:91:44:0a:dd:63:95:d2:db:f2:cf:7d:2f:fb:71:
c8:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:B7:E7:D9:F8:08:18:51:06:3A:7D:C9:74:51:2A:39:A0:4E:48:AA
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/1rfn2fgIGFEGOn3JdFEqOaBOSKo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.144.0/24
85.239.151.0/24
Signature Algorithm: sha256WithRSAEncryption
72:93:f0:98:d8:3a:9b:c2:f5:4a:b9:01:68:7e:95:a1:88:70:
97:64:8d:1c:67:fb:c8:85:fb:78:04:7f:0b:ec:83:36:d9:f5:
1a:6a:c3:fd:77:38:6a:22:f9:f7:28:6b:30:27:51:c8:d8:13:
21:29:78:1c:f6:5c:96:a7:d8:c9:ba:0c:e9:82:19:87:e1:00:
d1:e4:66:37:c5:47:34:27:b1:44:1e:c2:99:8b:6d:2b:d4:eb:
47:51:8b:c8:f5:1b:a8:a7:33:0f:51:da:04:19:93:6e:3e:0a:
65:f7:f5:83:27:c4:58:04:7c:04:88:1f:2b:03:9d:97:a8:d0:
20:80:36:2a:fe:d8:4b:48:56:ee:a1:d6:06:60:4f:4f:57:49:
3d:46:74:a3:99:8d:56:5c:cc:cb:f1:f4:06:6b:c7:16:40:07:
ee:fd:e4:cd:77:53:67:9f:68:18:b5:3f:69:82:80:26:6b:3f:
16:5d:9d:68:e8:b3:d3:e7:3e:08:bf:82:99:20:12:04:69:83:
dc:c6:6f:57:88:e8:a4:92:7a:78:a4:40:af:e4:4f:ff:f2:63:
ce:15:38:25:f8:55:a9:ad:a1:df:d0:d4:03:a5:06:0f:17:95:
03:11:8d:9b:b2:72:14:f7:92:02:42:b0:30:1c:2f:59:57:c9:
b6:e1:e6:f8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZVqJO2yWd6+qj4wURJ5kWIRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjUwMzA2MDYyOTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmI3ZTdkOWY4MDgxODUxMDYzYTdkYzk3NDUxMmEzOWEwNGU0OGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyCVa9KLtU3kivIL0r6+RIm5VuHXP
Zn12klq95js8ZrqjZhF9jj0vvzPywWgDxfr/egsVMNj8hjA41lOdFuHCVf5rhNTy
+5aYYjEwLBhfeFel3t44yrfTVULJaPLeF6sehs2rJ4i11KMOkbYx23vHlk30Hxkc
6l3jM3k7VqCI1TOIH5PKGRsHPKDWobvzdrXLvavvnXHOf5FKt4OArFgDlzVNUJHh
UvlnPTTY+RVdWAOou/CZmN5ZNdGndx4y7hyT6qYrwbc/8UYhMC40XcXOAYj7WC+H
FAdiyH/r8qu+z6JsBcJNJnAsNLRmsJFzQd44kUQK3WOV0tvyz30v+3HI7wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNa359n4CBhRBjp9yXRRKjmgTkiqMB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvMXJmbjJmZ0lHRkVHT24zSmRGRXFPYUJPU0tvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3ZjgtNGY1N2Q5Y2Y1Y2Fh
LzEvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVe+QAwQA
Ve+XMA0GCSqGSIb3DQEBCwUAA4IBAQByk/CY2DqbwvVKuQFofpWhiHCXZI0cZ/vI
hft4BH8L7IM22fUaasP9dzhqIvn3KGswJ1HI2BMhKXgc9lyWp9jJugzpghmH4QDR
5GY3xUc0J7FEHsKZi20r1OtHUYvI9RuopzMPUdoEGZNuPgpl9/WDJ8RYBHwEiB8r
A52XqNAggDYq/thLSFbuodYGYE9PV0k9RnSjmY1WXMzL8fQGa8cWQAfu/eTNd1Nn
n2gYtT9pgoAmaz8WXZ1o6LPT5z4Iv4KZIBIEaYPcxm9XiOikknp4pECv5E//8mPO
FTgl+FWpraHf0NQDpQYPF5UDEY2bsnIU95ICQrAwHC9ZV8m24eb4
-----END CERTIFICATE-----
Generated at Thu May 8 10:43:29 2025 by rpki-client